So many words have been written over the past few years about the benefits of the cloud. The IT industry remains enthusiastic and the statistics surrounding take-up continue to be encouraging. Even government departments are being urged to take advantage of the speed, flexibility and cost savings that working in the cloud can bring. Yet in many quarters, significant concerns about the handing over of sensitive or mission-critical data to the cloud still exist. What can the industry do to allay these fears?
In fact, even as a provider of cloud-based enterprise content management (ECM), I still believe this is an entirely valid view. In a volatile, fast-moving world, sending key company information to be stored the other side of the globe might seem a wise move one minute, but a miscalculated risk the next as circumstances or world politics change.
It’s understandable that potential cloud users feel anxious about losing control of their data. Organisations need to build trust and feel comfortable about their technology more than ever. Increased scrutiny of public spending and the sensitivity surrounding corporate governance has made everybody more risk averse.
Yet large corporations and government organisations such as the NHS in the UK are often struggling with a mismatch of different legacy systems and platforms. They also need to update their server rooms and turn them into modern datacentres as their information assets grow. It’s estimated that the cloud could cut IT costs in the UK public sector by up to 75 percent - a claim that’s hard to ignore when government departments are committed to tough cost-cutting. Even in business, there are many other priorities fighting for any available funds and migrating to the cloud could alleviate this situation for many.
Worries about security might be reasonable - but they shouldn’t be allowed to stop organisations taking advantage of the benefits of cloud-based solutions. After all, while there is yet to be a major security breach involving the cloud there have been all too many high-profile lapses when confidential data has been found on lost laptops and USB sticks or secret documents photographed in the hands of government officials. It could be argued that data is safer when stored centrally and in a secure location where it can be accessed from multiple locations, rather than being physically transported from point A to point B.
But when it comes to storing documents, ‘popular’ cloud vendors, such as Google, Amazon or Microsoft, are not necessarily the preferred option. These global brands are household names for a reason. They aim to be all things to all people, but largely they not designed for the complex requirements of particular applications and industries.
Often, this shows in the way the service is delivered or charged as well as in its functionality. For example, if an organisation is deploying an ECM system, it doesn’t make sense for it to be charged by bandwidth or number of downloads, as the costs will be high. Instead, it needs to find a solution where the monthly charge includes unrestricted volumes of downloads. Other pricing models include per-user, per-GByte (or storage based), and component based (you pay a monthly price for each piece of functionality) – or some combination of all of these. Each model has pros and cons, and can work well for a variety of organisations – the key is in matching the best pricing model to the business or government department.
Decision makers also need to look at the flexibility of a solution. For example, if they start off with an on-premise version, can they decide to migrate to the cloud at a later stage, or are they locked into their first choice? Can they choose between a Software-as-a-Service (SaaS) solution and one where they own the software, but it is hosted by the vendor? Business and organisational requirements change over time. What seemed like the perfect option at one point can become a costly error if there’s a change of focus or a re-organisation.
Organisations should be aware that data doesn’t have to be held the other side of the world. There’s no doubt that customers have more trust in cloud computing when their assets are as close to their origins as possible – for UK businesses this means a datacentre in the UK, rather than in another European centre or the US.
Keeping data close to its source means it is subject to local security legislation and guidelines rather than to the demands of foreign governments. For example, although the US Department of Commerce’s Safe Harbor principles comply with the EU’s Data Protection Directive, some European countries and organisations do not consider that as strong enough protection, and therefore prefer local, European datacentres. Keeping data in its country of origin can also eases the process of checking security protocols and business contingency plans as part of the deployment process.
Providers of cloud-based applications have a role to play in reassuring organisations that their data is safe. To do this they need to be responsible for what they tell their customers. In a world desperate to discover new ways to do more for less, the cloud has huge potential, especially for organisations needing to download high volumes of data using applications such as ECM.
Helping organisations choose the right application – a tailored solution with a datacentre close to where that data has been created - means that more customers will feel comfortable entrusting their data and won’t miss out on the benefits.